Report Exposes Crypto Scammers’ $4M Heist Through Google Search Ads

Crypto scammers have managed to steal over $4 million from unsuspecting users by utilizing deceptive websites advertised through Google search ads, as uncovered by the web3 anti-scam platform ScamSniffer. The report revealed that during the past month, scammers achieved a staggering 276% return on investment (ROI), taking advantage of thousands of victims.

In a series of tweets, ScamSniffer disclosed the presence of numerous malicious ad links found on Google ad searches:

Notably, these links led users to counterfeit websites requesting their login signature information, compromising their wallet addresses. The scammers specifically targeted well-known decentralized finance (DeFi) protocols and brands such as Zapper.fi, Lido, Stargate, Defillama, and Radiant, among others.

To bypass Google’s rigorous ad review process, scammers employed a variety of tactics. These included anti-debugging techniques, parameter distinction, and methods to manipulate the Google Click ID parameter. This manipulation allowed scammers to display a seemingly regular webpage during the review process, effectively deceiving Google’s system.

Significantly, data analysis revealed that scammers stole roughly $4.16 million from users within the past month alone. Over 3,000 users have fallen victim to these scams, according to ScamSniffer’s findings. With a projected 40% conversion rate from the 7,500 users who clicked on the malicious ads, the scammers are estimated to have spent close to $15,000 advertising their fraudulent websites. Consequently, their ROI amounts to an astounding 276%.

Phishing attacks continue to be a popular technique used by scammers to siphon crypto funds from users. The crypto space, particularly the DeFi sector, remains a favored target for hackers, with over $3.7 billion stolen throughout 2022. The prevalence of these scams highlights the urgent need for increased security measures and heightened awareness among users in the crypto community.